Description of General Data Protection – Acon Finland Oy Ltd Updated 24.5.2018
ACON is a Finnish family business, which practices the manufacturing, importing and retail sales of recreational products. We offer a wide variety of high-quality products which aim to activate and innovate our customers. In order to develop our operations further and to truly provide first class experiences, we collect certain pieces of information on our customers. We appreciate and respect the importance of customer data protection and therefore fully comply with existing legislation. This document outlines:
Collected data types and forms
- The use of customer data
- Data protection and privacy
- In addition, this document outlines the ways customers can affect the way we use data and whether it can, indeed be stored.
SUMMARY OF POLICY
- We store the information customers have shared with us directly (e.g. address, phone number, email) in order to provide appropriate services. This information is used in, for instance processing orders, arranging deliveries and occasionally, informing about discounts.
- Our website collects data through cookies. The stored data is processed fully anonymously.
- The use of personal information requires the consent of the person in question. In being our customer, you are seen to have agreed with these terms.
- ACON personnel are able to access and process collected data.
- Although primarily processing information in-house, we may transfer some data onto chosen service providers in order to generate analytics. These providers do not have the ability to use your data for their own purposes, or to transfer onto other parties.
- You can request the erasure of your data at any given point and time. We will also – by way of request – discontinue marketing attempts directed at you.
We kindly ask you to read through this document with care. Please do not hesitate to contact us if questions regarding our policies, or your rights as a customer arise.
Keeper of data register
- Data Confidentiality Direcotor, Teuvo Viljamaa
- Acon Finland Oy Ltd (Y-0896873-7)
- Phone: +358 40 669 4444
- Terminaalitie 9
- 90400 Oulu
- Email: email@example.com
1. What data does ACON collect?
We may collect your information when you order our products, visit our website/store, or if you interact with us otherwise. We do not collect sensitive or delicate personal information on our customers. Depending on the source of information, the data can be divided into two, distinct groups: a) the data which has been directly provided by customers and b) automatically collected data. We may combine and match automatically collected data to the data you have provided.
Information provided by customers
We may collect and store the information you have provided. This information includes phone numbers, names and email addresses, among other appropriate information. In order to deliver our products, we may also need to access information regarding your address. Further, your data includes an indication on whether you’ve given consent to receive directed marketing attempts through electronic interfaces.
Automatically gathered information
- IP address
- The operating system of your device
- Chosen browser
- Type of mobile device
2. Use of customer data
We may use personal information in maintaining customer relationships, contacting customers, handling orders, creating and developing products and services, analytics and directed marketing attempts.
The use of personal information is specifically based on – and dependent on – your consent, and/or the customer relationship you are engaged in with ACON. Engaging in a customer relationship with ACON enables us to use collected data to maintain the relationship in ways seen fit. We may also use this data to direct our marketing attempts towards relevant parties.
3. Management of data
Your data is managed and processed by ACON personnel, whose responsibilities are tightly linked to sales and marketing. Our personnel has been trained to manage data safely and with the highest degree of confidentiality. Your data is only accessed and used in situations where this is required in order to execute tasks successfully.
We utilize trusted service providers in, for instance IT-related projects, various campaigns, and analytics. Your information may be accessible for these providers in order to generate useful results for such services. They are, however unable to utilize this information for other uses than providing services on our behalf. They cannot share this information onward. All agreements between ACON and external service providers comply with European Union General Data Protection Regulations (GDPR).
Our website uses external service providers for online payments. ACON does not collect or handle any information related to transactions or other payments.
4. Transfer of data to regions outside the European Union
Your personal information is mostly handled within the European Union. The only exception to this is Klaviyo, an American service provider which we use for direct marketing activities and other communications. Personal data utilized by Klaviyo will be transferred outside the EU. In order to protect your information and rights, Klaviyo is certified through the Privacy Shield agreement between the EU and the US. Additionally, it has agreed to comply with the European GDPR through its own actions. For more information, please visit: https://www.klaviyo.com/legal/privacy-policy.
5. Third party data access
We do not sell your personal data onward. If your data is to be transferred onwards, it is done only in ways outlined in this document. In granting access to your information, we comply with extant confidentiality regulations.
The sharing/transfer of customer data may be included in an agreement to transfer business operations – partly, or entirely – to another party due to strategic or other operational reasons. In such instances, customer information may or may not be transferred to parties engaged in the agreement.
Additionally, access to personal information may be granted to authorities or law enforcement, if such a requirement is posed by legislation or such bodies.
6. Confidentiality and protection of personal data
Your data is contained within an electronic registry which has been designed with personal data protection in mind. The functions of our website – including all data transfer and communication – are encrypted with SSL protection of the highest grade. Your information is protected from all unauthorized access, disposal, altering, transfer and other illegal use. The registry can only be used by named persons with authorization to handle customer relationships.
7. Duration of Information Storage
We will store your information until they can no longer be reasonably be seen as essential in the completion of the activities described in this document. After this, information will be disposed of unless extant legislation allows the prolonged storage of such information. Your information will be disposed if requested.
8. Your Rights as a Customer
Customers have a right to review stored personal information. They have the right to demand for appropriate amendments to – and the disposal of – this information. Above all, you as a customer have the ability to invoke the rights provided and upheld by EU GDPR legislation. These include rights to limit the storage and use of personal information along with the right to transfer this information into another register and/or system. In order to ensure that these requests are appropriately handled, we may require identifying yourself at one of our business locations, or sending said requests via a signed letter that includes all necessary identification information.
You have a right to disallow the use of your information in targeted marketing activities, distance sales, or other direct marketing attempts. If you have given us the consent of contacting you with marketing-related communications, you have the right to disallow this at any time.
We acknowledge and comply with the rights of the registered as provided by legislation. In the case of possible issues relating to data protection we attempt to find solutions directly with our customers. However, if you feel that our attempts have provided unsatisfactory results, please resort to a independent assessment of the situation by data protection authorities.
9. Possible Data Protection Policy Changes
We may revise this document and our policies occasionally. If considerable changes are to be made, customers will be informed directly through our website or through other necessary means.
Third Party Cookies
While visiting our website, users may come across third party cookies through content imbedded by other internet providers. These cookies may communicate with other websites – such as social media platforms or other external platforms – in order to collect information. It is possible that such information is collected even if one does not personally use the platforms in question. It is not possible for the us to track and monitor the emergence and use of such cookies. We do not engage in separate monitoring activities for these types of cookies. For more information, please resort to the data confidentiality policies of the following service providers:
- Google+ e YouTube
Our website uses Google Analytics. This is a service provided by Google Inc. for analyzing online behavior and website functionality. Google analytics uses a series of cookies to gather information and uses this to create statistics on user behavior. Additionally, the service monitors and improves the performance (performance cookies) of the website. Users cannot be linked to data points collected by these cookies as all information collected by these cookies is pseudonymized. For further information, please visit:
Management of Cookies